Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/zmhGKPKE0hupjkTvMQ2peqn5UiI.roa
File: zmhGKPKE0hupjkTvMQ2peqn5UiI.roa (raw, json)
Hash identifier: DJLiyv6GpadX6f3RQT/HMY/vcpJhff5PumFPSDgiUUU=
Subject key identifier: CE:68:46:28:F2:84:D2:1B:A9:8E:44:EF:31:0D:A9:7A:A9:F9:52:22
Certificate issuer: /CN=dac32632aa9154253c6dcd2331e9ad6920b6bdcc
Certificate serial: 01856D53F728879FF907A593FA097836A1FD
Authority key identifier: DA:C3:26:32:AA:91:54:25:3C:6D:CD:23:31:E9:AD:69:20:B6:BD:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2sMmMqqRVCU8bc0jMemtaSC2vcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/zmhGKPKE0hupjkTvMQ2peqn5UiI.roa
Signing time: Sun 01 Jan 2023 12:34:57 +0000
ROA not before: Sun 01 Jan 2023 12:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 212.46.57.0/24 maxlen: 24
2a12:fc0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:f7:28:87:9f:f9:07:a5:93:fa:09:78:36:a1:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dac32632aa9154253c6dcd2331e9ad6920b6bdcc
Validity
Not Before: Jan 1 12:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce684628f284d21ba98e44ef310da97aa9f95222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:70:10:6b:a0:6d:62:f3:89:2b:32:d0:f6:62:
00:6e:fd:62:33:17:96:57:ed:4e:57:6c:8b:92:9e:
de:b0:ef:54:53:f2:f4:79:ba:11:61:d2:31:16:64:
f6:db:f6:c5:2f:7d:7e:bf:cc:a0:35:bc:69:5b:90:
51:e4:3a:93:27:fe:43:4c:cb:55:ab:9d:23:97:e8:
a9:85:0b:fb:25:f5:35:50:4d:22:15:b4:63:7c:03:
61:51:26:41:f9:21:fa:2a:e3:32:c9:51:a0:ab:f1:
d5:9c:40:88:ff:7c:41:f1:a8:7f:24:27:bf:74:c1:
fb:89:1d:f9:54:28:49:6c:1c:97:f3:42:88:3f:3b:
87:e6:8f:2d:78:b6:b3:13:92:9a:b9:0f:cd:fc:15:
cd:77:4c:e2:55:71:a0:4c:30:2a:a0:16:e7:28:11:
88:a0:7d:4b:64:70:fc:1a:4d:d2:38:95:c7:88:0d:
12:0f:2f:94:d7:9e:d4:19:97:2c:f2:ee:31:0d:ea:
7a:02:f6:a4:27:db:10:e4:3c:2d:3b:86:1d:e5:26:
cd:8e:9f:21:8d:f6:64:8c:1f:fc:35:2f:b4:80:e3:
fb:ca:a9:d5:76:d3:d6:60:b6:aa:6a:81:cc:37:d3:
a9:75:15:38:61:53:4a:d9:f6:c7:8e:d1:ce:9d:46:
5d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:68:46:28:F2:84:D2:1B:A9:8E:44:EF:31:0D:A9:7A:A9:F9:52:22
X509v3 Authority Key Identifier:
keyid:DA:C3:26:32:AA:91:54:25:3C:6D:CD:23:31:E9:AD:69:20:B6:BD:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2sMmMqqRVCU8bc0jMemtaSC2vcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/zmhGKPKE0hupjkTvMQ2peqn5UiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/49424a-aa5f-4b9f-a627-24654e941c12/1/2sMmMqqRVCU8bc0jMemtaSC2vcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.46.57.0/24
IPv6:
2a12:fc0::/44
Signature Algorithm: sha256WithRSAEncryption
0e:e1:0f:20:73:ce:b9:c2:f9:57:d4:a6:68:89:d5:5f:15:a7:
73:23:24:6c:c7:44:d8:1d:35:8f:28:ea:d9:cf:10:e6:15:46:
f7:85:66:93:83:e2:fc:cd:97:b2:83:ec:87:ec:40:57:f1:6a:
be:dc:89:4a:9e:6c:39:8b:30:3b:1e:5b:3e:1e:26:7c:b3:d8:
80:f4:37:66:e3:e2:7e:74:9e:6a:f6:8d:f5:16:51:1a:8b:38:
61:1c:a6:c7:4c:f8:a9:96:91:68:6b:9a:9c:2d:8c:1f:16:75:
2d:fd:88:85:9f:52:43:84:d0:b6:f7:d3:42:6f:a7:f5:99:23:
49:aa:9a:55:6f:b8:59:90:e6:b5:a4:7f:e7:36:ea:f5:ba:5d:
8e:05:99:9d:64:9b:57:48:59:b4:7a:e4:96:a2:c4:1b:a6:50:
c8:55:bd:aa:b6:4e:75:26:2c:53:f4:46:86:c2:d3:a0:79:b2:
0c:40:f8:67:9b:51:99:30:0b:e3:11:e7:39:0c:6c:f3:b1:96:
92:2e:ba:31:e6:06:78:23:bc:7f:96:60:4a:d5:b6:14:60:8a:
b7:17:a2:f0:03:3f:94:b6:60:5d:9d:48:f7:ae:75:99:31:2d:
29:c8:bb:24:73:44:b5:d3:76:b2:c6:44:49:bf:28:46:6f:eb:
ae:28:92:c7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtU/coh5/5B6WT+gl4NqH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYzMyNjMyYWE5MTU0MjUzYzZkY2QyMzMxZTlhZDY5MjBi
NmJkY2MwHhcNMjMwMTAxMTIzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTY4NDYyOGYyODRkMjFiYTk4ZTQ0ZWYzMTBkYTk3YWE5Zjk1MjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXAQa6BtYvOJKzLQ9mIAbv1iMxeW
V+1OV2yLkp7esO9UU/L0eboRYdIxFmT22/bFL31+v8ygNbxpW5BR5DqTJ/5DTMtV
q50jl+iphQv7JfU1UE0iFbRjfANhUSZB+SH6KuMyyVGgq/HVnECI/3xB8ah/JCe/
dMH7iR35VChJbByX80KIPzuH5o8teLazE5KauQ/N/BXNd0ziVXGgTDAqoBbnKBGI
oH1LZHD8Gk3SOJXHiA0SDy+U157UGZcs8u4xDep6AvakJ9sQ5DwtO4Yd5SbNjp8h
jfZkjB/8NS+0gOP7yqnVdtPWYLaqaoHMN9OpdRU4YVNK2fbHjtHOnUZdeQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM5oRijyhNIbqY5E7zENqXqp+VIiMB8GA1UdIwQY
MBaAFNrDJjKqkVQlPG3NIzHprWkgtr3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnNNbU1xcVJWQ1U4YmMwak1lbXRhU0MydmN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi80OTQyNGEtYWE1Zi00YjlmLWE2Mjct
MjQ2NTRlOTQxYzEyLzEvem1oR0tQS0UwaHVwamtUdk1RMnBlcW41VWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi80OTQyNGEtYWE1Zi00YjlmLWE2MjctMjQ2NTRlOTQxYzEy
LzEvMnNNbU1xcVJWQ1U4YmMwak1lbXRhU0MydmN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA1C45MA8E
AgACMAkDBwQqEg/AAAAwDQYJKoZIhvcNAQELBQADggEBAA7hDyBzzrnC+VfUpmiJ
1V8Vp3MjJGzHRNgdNY8o6tnPEOYVRveFZpOD4vzNl7KD7IfsQFfxar7ciUqebDmL
MDseWz4eJnyz2ID0N2bj4n50nmr2jfUWURqLOGEcpsdM+KmWkWhrmpwtjB8WdS39
iIWfUkOE0Lb300Jvp/WZI0mqmlVvuFmQ5rWkf+c26vW6XY4FmZ1km1dIWbR65Jai
xBumUMhVvaq2TnUmLFP0RobC06B5sgxA+GebUZkwC+MR5zkMbPOxlpIuujHmBngj
vH+WYErVthRgircXovADP5S2YF2dSPeudZkxLSnIuyRzRLXTdrLGREm/KEZv664o
ksc=
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:31:06 2024 by rpki-client on console-ams.rpki-client.org